<?php if (!defined('TL_ROOT')) die('You can not access this file directly!');


/**
 * This class is for online shop order process - payment.
 * params order step
 * This is the children of controller.
 * PHP5 CMS Typolight
 * Copyright is 34n.sam@gmail.com
 */
 
 /**
 * Start page
 */
session_start();

$forgetpwd = new ForgetPassword();
$forgetpwd->run();

class ForgetPassword extends Controller
{		
	/**
	 * This is class construct function.
	 * @params null
	 * @Return null
	 */
	public function __construct()
	{
		parent::__construct();		
	}
	
	/** 
	 * Start page function
	 * @params null
	 * @Return null
	 */
	public function run()
	{
		$this->import('Database');
		
		if (isset($_POST) && $_POST)
			$is_email_exist = $this->validationUserEmail();
		else
			$is_email_exist = false;
		
		echo $this->displayForgetPassword($is_email_exist);
	}
	
	/**
	 * Generate the html page.
	 * @params null
	 * @Return string
	 */
	private function displayForgetPassword($is_email_exist=false)
	{
		if (isset($_POST) && $_POST)
			if (!$is_email_exist)
				$strHtml = "<div class=\"notice\">* Unknown user. Please try again or <a title=\"register\" href=\"sign-in.html\">register:</a></div>";
			else
				$strHtml = "<div class=\"notice\">* The new password has been sent to you. Please check email.</div>";
		else
			$strHtml = "";
		$strHtml .= "<form action=\"forgot-password.html\" name=\"form\" method=\"post\" >
			<div class=\"tier\"><label>E-mail</label><input type=\"text\" name=\"email\" class=\"text\" value=\"\" /></div>
			<div class=\"submits\">
				<input type=\"submit\" name=\"btn_send\" class=\"submit\" value=\"SEND\" /></div>
		</form>";
		
		return $strHtml;
	}
	
	/**
	 * Validation user and send email to user
	 * @params null
	 * @Return null
	 */
	private function validationUserEmail()
	{
		$objMember = $this->Database->prepare("SELECT * FROM tl_member WHERE email=?")
									->execute(trim($_POST['email']));
									
		if ($objMember->numRows < 1)
			return false;
		
		// Send Email
		$email = new Email();
		
		$email->subject = "Your Password";
		$email->from = $GLOBALS['TL_CONFIG']['adminEmail'];
		$email->fromName = "Daftshopping.com";
		$email->replyTo("34n@gmail.com" . '<34n@gmail.com>');
		
		// Change the password.
		$str = 'abcdefghijkmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ';
		$length = 8;
		for ($i = 0, $passwd = ''; $i < $length; $i++)
			$passwd .= substr($str, mt_rand(0, strlen($str) - 1), 1);
		
		$strPassword = $strSalt = substr(md5(uniqid('', true)), 0, 23);
		$strPassword = sha1($strSalt . $passwd);
		$password = $strPassword . ':' . $strSalt;
		
		$this->Database->prepare("UPDATE tl_member SET password=? WHERE email=?")
						->execute($password, trim($_POST['email']));
		
		$strHtml = "Hi " . $objMember->firstname . (($objMember->firstname) ? " " : "") . $objMember->lastname . ",<br />";
		$strHtml .= "Username: " . $objMember->username . "<br />" . "Password : " . $passwd;
		$strHtml .= "<br /><br />";
		$strHtml .= '<a href="'. $this->Environment->base . 'sign-in.html" title="Click here to sign in">Click here to sign in</a><br /><br />';
		$strHtml .= 'If you would like to change your password, please  go to ‘my account”.<br /><br />';
		$strHtml .= 'Team at <a href="'. $this->Environment->base . '" title="daftshopping.com">daftshopping.com</a><br /><br /><br /><br />';
		$strHtml .= '<hr><br />This is an automated e-mail. Please do not respond to this message. If you have billing or technical questions, please send an e-mail to Customer Services at <a href="mailto:info@daftshopping.com" title="info@daftshopping.com">info@daftshopping.com</a>';
		
		$email->html = $strHtml;
		$email->sendTo(trim($_POST['email']));
		
		return true;
	}
}